Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support TSIP crypt only #6520

Merged
merged 1 commit into from
Aug 1, 2023
Merged

Support TSIP crypt only #6520

merged 1 commit into from
Aug 1, 2023

Conversation

miyazakh
Copy link
Contributor

@miyazakh miyazakh commented Jun 17, 2023
edited by TakayukiMatsuo
Loading

Description

Support Aes, sha and Rsa( MakeRsaKey and sign/verify)
Sort out TSIP macro definition, WOLFSSL_RENESAS_TSIP_TLS and WOLFSSL_RENESAS_TSIP_CRYPTONLY. WOLFSSL_RENESAS_TSIP_CRYPT is obsolete now.
This is supposed to be used for wolfBoot on RX72N.

Testing

Board Test Case
RX72N Simple Verified
RX72N AWS Verified
RX65N GR-ROSE Verified
RX65N RSK AWS Verified

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@miyazakh miyazakh assigned miyazakh and cconlon and unassigned miyazakh and cconlon Jun 17, 2023
@miyazakh miyazakh marked this pull request as draft June 21, 2023 00:41
@miyazakh
Copy link
Contributor Author

Hi @cconlon
It appears this PR needs updating a little bit because of wolfBoot environment compile. Therefore, I mark this as draft until then.

@miyazakh
Copy link
Contributor Author

retest this please

@miyazakh miyazakh marked this pull request as ready for review June 27, 2023 05:56
@miyazakh miyazakh assigned cconlon and unassigned miyazakh Jun 27, 2023
@miyazakh miyazakh mentioned this pull request Jun 28, 2023
Merged
cconlon
cconlon requested changes Jun 30, 2023
View reviewed changes
IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c Outdated Show resolved Hide resolved
IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c Outdated Show resolved Hide resolved
wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c Outdated Show resolved Hide resolved
wolfcrypt/src/port/Renesas/renesas_tsip_util.c Outdated Show resolved Hide resolved
wolfcrypt/src/rsa.c Outdated Show resolved Hide resolved
@cconlon cconlon assigned miyazakh and unassigned cconlon Jun 30, 2023
@miyazakh
Copy link
Contributor Author

miyazakh commented Jul 14, 2023
edited
Loading

Sort out TSIP TLS and Crypt-Only macro definitions as much as possible.

Macro Name Note Default
WOLFSSL_RENESAS_TSIP Always enabled when TSIP uses Enabled
WOLFSSL_RENESAS_TSIP_TLS WOLFSSL_RENESAS_TSIP_CRYPTONLY should be also enabled when enabled. Enabled
WOLFSSL_RENESAS_TSIP_CRYPTONLY Only this can be enabled if want to enable crypt-only. Enabled
WOLFSSL_RENESAS_TSIP_CRYPT obsolete

@miyazakh
Copy link
Contributor Author

miyazakh commented Jul 14, 2023
edited
Loading

Verification status

Board Test Case
RX72N Simple Verified
RX72N AWS Verified
RX65N GR-ROSE Verified
RX65N RSK Compile OK

Hi @TakayukiMatsuo
Could you verify my changes on RX65N RSK because I don't have the board once I verify the rest of boards/Test case?

@miyazakh
Copy link
Contributor Author

Hi @cconlon and @TakayukiMatsuo

This is ready for review.

@miyazakh miyazakh assigned cconlon and unassigned miyazakh Jul 16, 2023
@TakayukiMatsuo
Copy link
Contributor

Will start running on RX65 RSK board.

TakayukiMatsuo
TakayukiMatsuo reviewed Jul 21, 2023
View reviewed changes
Copy link
Contributor

@TakayukiMatsuo TakayukiMatsuo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Found some build and runtime errors on the RSK-RX65N-2MB board. One of the errors is a link error regarding section settings. Increased use of variables in wolfSSL can lead to errors. To avoid the section error, could you please add the updated section file to this PR? To update the file, rename the attached "section.txt" to "section.est", replace the file RSK/resource/section.esi with the renamed file.

Even with the commented changes, RSA signature verification (tsip_VerifyRsaPkcsCb) fails. It occure in SendCertificateVerify in TLS1.2.

attachement: section.txt

IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h Show resolved Hide resolved
IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c Show resolved Hide resolved
IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c Show resolved Hide resolved
IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c Show resolved Hide resolved
wolfcrypt/src/port/Renesas/renesas_tsip_util.c Outdated Show resolved Hide resolved
wolfcrypt/src/port/Renesas/renesas_tsip_util.c Outdated Show resolved Hide resolved
wolfcrypt/src/port/Renesas/renesas_tsip_util.c Outdated Show resolved Hide resolved
@miyazakh
Copy link
Contributor Author

retest this please

@miyazakh miyazakh assigned cconlon and TakayukiMatsuo and unassigned miyazakh Jul 24, 2023
@dgarske dgarske requested a review from cconlon July 24, 2023 14:17
@dgarske
Copy link
Contributor

dgarske commented Jul 24, 2023

Hi @cconlon this is blocking wolfBoot PR wolfSSL/wolfBoot#318
If you don't have time to finish the review please assign to @JacobBarthelmeh

@cconlon cconlon assigned miyazakh and unassigned cconlon and TakayukiMatsuo Jul 25, 2023
@miyazakh miyazakh force-pushed the tsip_cryptonly branch 2 times, most recently from 0062056 to a35f5ac Compare July 25, 2023 22:29
@cconlon
Copy link
Member

cconlon commented Jul 26, 2023

@TakayukiMatsuo Is looking into RSA sign/verify failures with these changes on RX65 RSK board. Assigning to him for updates/comments.

@miyazakh
Support TSIP crypt only
02ec92a 
  - Aes, sha,
  - rsa
     MakeRsaKey, sign/verify

fix compile error when not enabled TSIP
@miyazakh miyazakh removed their assignment Jul 31, 2023
@cconlon cconlon merged commit 27a5976 into wolfSSL:master Aug 1, 2023
73 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TakayukiMatsuo TakayukiMatsuo TakayukiMatsuo left review comments

@cconlon cconlon cconlon approved these changes

Assignees

@cconlon cconlon

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@miyazakh @TakayukiMatsuo @dgarske @cconlon